#InfosecurityEurope2022: Preparing for Future Challenges and Opportunities

The closing keynote discussion of the InfoSecurity Europe 2022 conference was titled ‘Next Generation, Next Challenges, New Opportunities’ and was moderated by Eleanor Dallaway, editorial director of Infosecurity Magazine. Dallaway was joined onstage by specialists Marc Avery, CISO & director, Cyber ​​Chain AllianceJonathan Kidd, global CISO, Computershare and Chris Green, head of PR and communications at (ISC) ². The panel explored how we can anticipate the future of cybercrime to better prepare for the challenges and opportunities.

Cyber-Attacks

The start of the session saw uniformity of opinion amongst the panel, believing that while the strategies and methods of cyber-attacks have not evolved a great deal in recent years, both scale and versatility have, with organized cross-sector campaigns now being observed .

Established techniques such as phishing remain an “effective delivery mechanism,” and the loosening of the work-leisure distinction has meant employees are increasingly suspected of falling victim to an attack due to the growing tendency to check and respond to work emails outside of office hours , with employees failing to adopt a secure mentality outside of the workplace. This theme resonated with Dallaway, who stressed that there is an “interesting psychology of falling victim to an attack,” emphasizing that more education is needed to ensure secure behaviors are retained in both work and social domains.

Mental Health

The question of mental health within the cybersecurity industry was then addressed by Dallaway, especially in the wake of the pandemic, highlighting that while the “industry weathered this well,” the sector’s professionals may be increasingly suffering from issues like burnout. Recent years had been very hard on the industry’s staff, claimed Kidd, especially given the “500% increase of COVID-19-era phishing”, meaning pressures and responsibilities on cybersecurity workers were very intense, particularly with the added complications of remote work. The shift to working from home was very difficult, commented Green, and while the sector generally has “very high job satisfaction,” stress and burnout are real problems. Conversely, balance to the remote work topic was provided by Avery, who asserted that many small and medium-sized enterprises (SMEs) dealt well with the changes to working practices, with multiple businesses achieving a rapid and secure transformation overnight, although “in- team communication and documenting processes suffered. ”

Getting the Basics Right

The panel then shifted focus to the topic of whether cybersecurity as an industry is “getting the basics right,” with a particular focus on smaller businesses. The panel agreed that SMEs should not assume they’re safe despite having the baseline of cyber essentials covered, with Kidd underscoring that common cyber-attacks like commodity phishing remain effective. The importance of heeding the advice and documentation on the National Cyber ​​Security Center’s (NCSC) website was reiterated by Avery, as “this will prevent 80% of attacks.” Speaking more positively, Green believed that basic cyber essentials amongst many SMEs are an area of ​​the industry that we’re predominantly “getting right.”

Diversity

The sector’s diversity challenges were then considered. Hiring practices within the industry are risk-averse, claimed Kidd, as there’s a tendency to recruit established personnel, and instead, the industry needs to “look in the right places” and take on risks in bringing in and developing junior people. This point resonated with Avery, who told the audience that “we need to think differently.” Dallaway considered whether placing too much emphasis on qualifications and formal training could limit recruitment.

The session finished with each panelist offering an “actionable learning point.” The need to bring young talent into the sector was highlighted by Green. This point resonated with Kidd, who added, “we need to take risks in recruitment.” The role of marketing was stressed by Avery and Dallaway, concluding that we need to change how the industry is seen externally.

Source

The closing keynote discussion of the InfoSecurity Europe 2022 conference was titled ‘Next Generation, Next Challenges, New Opportunities’ and was moderated by Eleanor Dallaway, editorial director of Infosecurity Magazine. Dallaway was joined onstage by specialists Marc Avery, CISO & director, Cyber ​​Chain AllianceJonathan Kidd, global CISO, Computershare and Chris Green, head of PR and communications at (ISC) ². The panel explored how we can anticipate the future of cybercrime to better prepare for the challenges and opportunities.

Cyber-Attacks

The start of the session saw uniformity of opinion amongst the panel, believing that while the strategies and methods of cyber-attacks have not evolved a great deal in recent years, both scale and versatility have, with organized cross-sector campaigns now being observed .

Established techniques such as phishing remain an “effective delivery mechanism,” and the loosening of the work-leisure distinction has meant employees are increasingly suspected of falling victim to an attack due to the growing tendency to check and respond to work emails outside of office hours , with employees failing to adopt a secure mentality outside of the workplace. This theme resonated with Dallaway, who stressed that there is an “interesting psychology of falling victim to an attack,” emphasizing that more education is needed to ensure secure behaviors are retained in both work and social domains.

Mental Health

The question of mental health within the cybersecurity industry was then addressed by Dallaway, especially in the wake of the pandemic, highlighting that while the “industry weathered this well,” the sector’s professionals may be increasingly suffering from issues like burnout. Recent years had been very hard on the industry’s staff, claimed Kidd, especially given the “500% increase of COVID-19-era phishing”, meaning pressures and responsibilities on cybersecurity workers were very intense, particularly with the added complications of remote work. The shift to working from home was very difficult, commented Green, and while the sector generally has “very high job satisfaction,” stress and burnout are real problems. Conversely, balance to the remote work topic was provided by Avery, who asserted that many small and medium-sized enterprises (SMEs) dealt well with the changes to working practices, with multiple businesses achieving a rapid and secure transformation overnight, although “in- team communication and documenting processes suffered. ”

Getting the Basics Right

The panel then shifted focus to the topic of whether cybersecurity as an industry is “getting the basics right,” with a particular focus on smaller businesses. The panel agreed that SMEs should not assume they’re safe despite having the baseline of cyber essentials covered, with Kidd underscoring that common cyber-attacks like commodity phishing remain effective. The importance of heeding the advice and documentation on the National Cyber ​​Security Center’s (NCSC) website was reiterated by Avery, as “this will prevent 80% of attacks.” Speaking more positively, Green believed that basic cyber essentials amongst many SMEs are an area of ​​the industry that we’re predominantly “getting right.”

Diversity

The sector’s diversity challenges were then considered. Hiring practices within the industry are risk-averse, claimed Kidd, as there’s a tendency to recruit established personnel, and instead, the industry needs to “look in the right places” and take on risks in bringing in and developing junior people. This point resonated with Avery, who told the audience that “we need to think differently.” Dallaway considered whether placing too much emphasis on qualifications and formal training could limit recruitment.

The session finished with each panelist offering an “actionable learning point.” The need to bring young talent into the sector was highlighted by Green. This point resonated with Kidd, who added, “we need to take risks in recruitment.” The role of marketing was stressed by Avery and Dallaway, concluding that we need to change how the industry is seen externally.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

A series of vulnerabilities on the popular asset management platform Device42 could be exploited to give attackers full root access to the system, according...

Top 5 best backup practices

Give yourself peace of mind by implementing a new backup strategy with our tips....

Vicarius vsociety enables peer-to-peer networking and open-source collaboration on vulnerability research

Vicarius announced at the Black Hat USA 2022 conference the release of vsociety, a social community...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!